Ford investgates alleged breach following customer data leak

Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum.

The leak was announced on Sunday by threat actor ‘EnergyWeaponUser,’ also implicating the hacker ‘IntelBroker,’ who supposedly took part in the November 2024 breach.

The threat actors leaked on BreachForums 44,000 Ford customer records containing customer information, including full names, physical locations, purchase details, dealer information, and record timestamps.

The exposed records aren’t extremely sensitive, but they still contain personally identifiable information that could empower phishing and social engineering attacks targeting the exposed individuals.

The threat actors did not attempt to sell the dataset but instead offered it to registered members of the hacker forum for eight credits, equal to a little over $2.

BleepingComputer contacted Ford to validate the claims, and a spokesperson for the firm told us they are investigating the allegations.

“Ford is aware and is actively investigating the allegations that there has been a breach of Ford data. Our investigation is active and ongoing,” Ford told BleepingComputer.

The involvement of IntelBroker in the breach lends some credibility to the threat actor’s allegations based on the threat actor’s recent record.

The hacker has recently achieved confirmed breaches at Cisco’s DevHub portal, Nokia (through a third party), Europol’s EPE web portal, and T-Mobile (via a vendor).

The locations mentioned in the data samples leaked by the threat actors are from around the world, including the United States.

To mitigate the risks arising from this potential data exposure, treat unsolicited communications cautiously and reject requests to reveal more information under any pretense.